DeineAgenturUG/go-xmlsec
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
ccd046e8607145486f52e28dee0ac1e9b1ffdb33
go-xmlsec/signature.go
zhenglixin ccd046e860 Update signature.go
2017-02-18 18:04:59 +08:00

76 lines
2.4 KiB
Go
Raw Blame History

package xmlsec
import (
"encoding/base64"
"encoding/pem"
"encoding/xml"
)
// Method is part of Signature.
type Method struct {
Algorithm string `xml:",attr"`
}
// Signature is a model for the Signature object specified by XMLDSIG. This is
// convenience object when constructing XML that you'd like to sign. For example:
//
// type Foo struct {
// Stuff string
// Signature Signature
// }
//
// f := Foo{Suff: "hello"}
// f.Signature = DefaultSignature()
// buf, _ := xml.Marshal(f)
// buf, _ = Sign(key, buf)
//
type Reference struct {
XMLName xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# Reference"`
Transforms []Method `xml:"Transforms>Transform"`
DigestMethod Method `xml:"DigestMethod"`
DigestValue string `xml:"DigestValue"`
}
type Signature struct {
XMLName xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# Signature"`
CanonicalizationMethod Method `xml:"SignedInfo>CanonicalizationMethod"`
SignatureMethod Method `xml:"SignedInfo>SignatureMethod"`
Reference Reference `xml:"http://www.w3.org/2000/09/xmldsig# Reference"`
SignatureValue string `xml:"SignatureValue"`
KeyName string `xml:"KeyInfo>KeyName,omitempty"`
X509Certificate *SignatureX509Data `xml:"KeyInfo>X509Data,omitempty"`
}
// SignatureX509Data represents the <X509Data> element of <Signature>
type SignatureX509Data struct {
X509Certificate string `xml:"X509Certificate,omitempty"`
}
// DefaultSignature returns a Signature struct that uses the default c14n and SHA1 settings.
func DefaultSignature(pemEncodedPublicKey []byte) Signature {
// xmlsec wants the key to be base64-encoded but *not* wrapped with the
// PEM flags
pemBlock, _ := pem.Decode(pemEncodedPublicKey)
certStr := base64.StdEncoding.EncodeToString(pemBlock.Bytes)
return Signature{
CanonicalizationMethod: Method{
Algorithm: "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
},
SignatureMethod: Method{
Algorithm: "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
},
Reference: Reference{
Transforms: []Method{
Method{Algorithm: "http://www.w3.org/2000/09/xmldsig#enveloped-signature"},
},
DigestMethod: Method{
Algorithm: "http://www.w3.org/2000/09/xmldsig#sha1",
},
},
X509Certificate: &SignatureX509Data{
X509Certificate: certStr,
},
}
}
Reference in New Issue View Git Blame Copy Permalink